Skip to content

Instantly share code, notes, and snippets.

View Deele's full-sized avatar

Nils Deele

6 followers · 5 following
  • Freelancer
  • Latvia, Riga
  • 17:10 (UTC +02:00)
View GitHub Profile
@hackermondev
hackermondev / writeup.md
Last active December 30, 2025 04:46
How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

hi, i'm daniel. i'm a 16-year-old high school senior. in my free time, i hack billion dollar companies and build cool stuff.

about a month ago, a couple of friends and I found serious critical vulnerabilities on Mintlify, an AI documentation platform used by some of the top companies in the world.

i found a critical cross-site scripting vulnerability that, if abused, would let an attacker to inject malicious scripts into the documentation of numerous companies and steal credentials from users with a single link open.

(go read my friends' writeups (after this one))
how to hack discord, vercel, and more with one easy trick (eva)
Redacted by Counsel: A supply chain postmortem (MDL)

@CaptSolo
CaptSolo / .zshrc
Created January 29, 2025 15:36
My zsh config
# If you come from bash you might have to change your $PATH.
# export PATH=$HOME/bin:$HOME/.local/bin:/usr/local/bin:$PATH
# Path to your Oh My Zsh installation.
export ZSH="$HOME/.oh-my-zsh"
# Set name of the theme to load --- if set to "random", it will
# load a random theme each time Oh My Zsh is loaded, in which case,
# to know which specific one was loaded, run: echo $RANDOM_THEME
# See https://github.com/ohmyzsh/ohmyzsh/wiki/Themes
@itod
itod / split_keyboards.md
Last active September 23, 2025 07:22
Every "split" mechanical keyboard currently being sold that I know of
@iamphilrae
iamphilrae / phpMyAdmin Export Filename Template, Including Date and Time
Last active August 14, 2025 13:51
phpMyAdmin Export Filename Template, Including Date and Time
@DATABASE@__%Y-%m-%d_%H-%M-%S
@corburn
corburn / CSP.md
Last active September 20, 2023 12:55 — forked from xrstf/letsencrypt.md
Nginx server notes

The following is from scotthelme.co.uk

Content Security Policy

with Content Security Policy (CSP) enabled(and a browser that supports it(http://caniuse.com/#feat=contentsecuritypolicy), you can tell the browser that it can only download content from the domains you explicitly allow http://www.html5rocks.com/en/tutorials/security/content-security-policy/ https://www.owasp.org/index.php/Content_Security_Policy I need to change our application code so we can increase security by disabling 'unsafe-inline' 'unsafe-eval'

@endel
endel / number-pad-zero.js
Last active August 1, 2023 11:54
Simplest way for leading zero padding in JavaScript
Number.prototype.pad = function(size) {
var s = String(this);
while (s.length < (size || 2)) {s = "0" + s;}
return s;
}
(1).pad(3) // => "001"
(10).pad(3) // => "010"
(100).pad(3) // => "100"
@carcinocron
carcinocron / debugger pause beforeunload
Last active July 22, 2025 08:53
Chrome: pause before redirect
// Run this in the F12 javascript console in chrome
// if a redirect happens, the page will pause
// this helps because chrome's network tab's
// "preserve log" seems to technically preserve the log
// but you can't actually LOOK at it...
// also the "replay xhr" feature does not work after reload
// even if you "preserve log".
window.addEventListener("beforeunload", function() { debugger; }, false)
@shovon
shovon / increase_swap.sh
Created April 10, 2015 15:18
Increasing swap size. Only tested on the ubuntu/trusty64 Vagrant box. CREDIT GOES TO ---> http://jeqo.github.io/blog/devops/vagrant-quickstart/
#!/bin/sh
# size of swapfile in megabytes
swapsize=8000
# does the swap file already exist?
grep -q "swapfile" /etc/fstab
# if not then create it
if [ $? -ne 0 ]; then
@julionc
julionc / 00.howto_install_phantomjs.md
Last active August 31, 2025 01:22
How to install PhantomJS on Debian/Ubuntu

How to install PhantomJS on Ubuntu

Version: 1.9.8

Platform: x86_64

First, install or update to the latest system software.

sudo apt-get update
sudo apt-get install build-essential chrpath libssl-dev libxft-dev
@sgmurphy
sgmurphy / url_slug.js
Created July 12, 2012 02:05
URL Slugs in Javascript (with UTF-8 and Transliteration Support)
/**
* Create a web friendly URL slug from a string.
*
* Requires XRegExp (http://xregexp.com) with unicode add-ons for UTF-8 support.
*
* Although supported, transliteration is discouraged because
* 1) most web browsers support UTF-8 characters in URLs
* 2) transliteration causes a loss of information
*
* @author Sean Murphy <sean@iamseanmurphy.com>